@hiro-c/agent-gate 1.0.2 → 1.2.0

package/README.md

@@ -87,6 +87,8 @@ Full options: see [docs/config.md](docs/config.md) (TODO) or `AgentGatePluginCon
 | `AGENT_GATE_REASON_LANG` | AI reason language: `auto` (default) / `en` / `ja` / etc. |
 | `AGENT_GATE_LOG` | `1` writes decisions to `~/.agent-gate/log.jsonl` |
 | `AGENT_GATE_API_KEY` | Use Anthropic API directly instead of `claude` CLI |
+| `AGENT_GATE_USE_SDK` | `1` prefers the Anthropic agent SDK over API/CLI (no API key needed; works best with daemon mode) |
+| `AGENT_GATE_ON_ERROR` | `block` to fail-closed when a rule or AI client throws (default `allow`) |
 | `AGENT_GATE_DAEMON` | `1` routes through the daemon if it is running |
 
 ## Supported AI tools

package/dist/config/Config.d.ts

@@ -12,6 +12,21 @@ export type ConfigOptions = {
      * - "en", "ja", "zh", "ko", etc.: write reasons in that language.
      */
     reasonLang?: string;
+    /**
+     * Prefer Anthropic's agent SDK (`@anthropic-ai/claude-agent-sdk`) as the
+     * first model client. Reuses the host process's Claude auth, removing
+     * the need for AGENT_GATE_API_KEY. The SDK has noticeable cold-start
+     * cost, so this is most useful when paired with `agent-gate daemon`.
+     */
+    useSdk?: boolean;
+    /**
+     * Behavior when a rule or model client throws unexpectedly.
+     * - "allow" (default): swallow the error and let the operation through.
+     *   Optimized for developer ergonomics so flaky AI does not block work.
+     * - "block": turn the error into a block verdict. Recommended for
+     *   production / enterprise pipelines that prefer fail-closed safety.
+     */
+    onError?: 'allow' | 'block';
 };
 export declare class Config {
     readonly model: string;
@@ -20,6 +35,8 @@ export declare class Config {
     readonly disabled: boolean;
     readonly useSystemClaude: boolean;
     readonly reasonLang: string | undefined;
+    readonly useSdk: boolean;
+    readonly onError: 'allow' | 'block';
     constructor(options?: ConfigOptions);
     get useApi(): boolean;
 }

package/dist/config/Config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Config.d.ts","sourceRoot":"","sources":["../../src/config/Config.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,aAAa,sBAAsB,CAAA;AAEhD,MAAM,MAAM,aAAa,GAAG;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,qBAAa,MAAM;IACjB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAA;IAC1B,QAAQ,CAAC,eAAe,EAAE,OAAO,CAAA;IACjC,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,CAAA;gBAE3B,OAAO,CAAC,EAAE,aAAa;IAUnC,IAAI,MAAM,IAAI,OAAO,CAEpB;CACF"}
+{"version":3,"file":"Config.d.ts","sourceRoot":"","sources":["../../src/config/Config.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,aAAa,sBAAsB,CAAA;AAEhD,MAAM,MAAM,aAAa,GAAG;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;;OAKG;IACH,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB;;;;;;OAMG;IACH,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAA;CAC5B,CAAA;AAED,qBAAa,MAAM;IACjB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAA;IAC1B,QAAQ,CAAC,eAAe,EAAE,OAAO,CAAA;IACjC,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,CAAA;IACvC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAA;IACxB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAA;gBAEvB,OAAO,CAAC,EAAE,aAAa;IAenC,IAAI,MAAM,IAAI,OAAO,CAEpB;CACF"}

package/dist/config/Config.js

@@ -9,6 +9,8 @@ class Config {
     disabled;
     useSystemClaude;
     reasonLang;
+    useSdk;
+    onError;
     constructor(options) {
         this.model = options?.model ?? process.env.AGENT_GATE_MODEL ?? exports.DEFAULT_MODEL;
         this.apiKey = options?.apiKey ?? process.env.AGENT_GATE_API_KEY;
@@ -17,6 +19,11 @@ class Config {
         this.disabled = options?.disabled ?? process.env.AGENT_GATE_DISABLED === 'true';
         this.useSystemClaude = options?.useSystemClaude ?? process.env.USE_SYSTEM_CLAUDE === 'true';
         this.reasonLang = options?.reasonLang ?? process.env.AGENT_GATE_REASON_LANG;
+        this.useSdk = options?.useSdk ?? process.env.AGENT_GATE_USE_SDK === '1';
+        const envOnError = process.env.AGENT_GATE_ON_ERROR;
+        this.onError =
+            options?.onError ??
+                (envOnError === 'block' ? 'block' : 'allow');
     }
     get useApi() {
         return this.apiKey !== undefined && this.apiKey !== '';

package/dist/deterministic/engine.d.ts

@@ -7,5 +7,17 @@ export type EngineResult = {
     reason: string;
     ruleId: string;
 };
-export declare function runDeterministicRules(toolName: string, toolInput: Record<string, unknown>, rules: DeterministicRule[], ctx?: SessionContext): EngineResult;
+export type OnErrorPolicy = 'allow' | 'block';
+export interface RunDeterministicRulesOptions {
+    /**
+     * What to do when a rule's check function throws.
+     * - "allow" (default): swallow the exception and continue with the
+     *   next rule. Compatible with prior versions.
+     * - "block": turn the exception into a block verdict and stop the
+     *   engine. Suitable for enterprise / production use where the
+     *   safest response to a misbehaving rule is to halt.
+     */
+    onError?: OnErrorPolicy;
+}
+export declare function runDeterministicRules(toolName: string, toolInput: Record<string, unknown>, rules: DeterministicRule[], ctx?: SessionContext, options?: RunDeterministicRulesOptions): EngineResult;
 //# sourceMappingURL=engine.d.ts.map

package/dist/deterministic/engine.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/deterministic/engine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAA;AAElE,MAAM,MAAM,YAAY,GACpB;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,GACjB;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAA;AAErD,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClC,KAAK,EAAE,iBAAiB,EAAE,EAC1B,GAAG,CAAC,EAAE,cAAc,GACnB,YAAY,CAQd"}
+{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/deterministic/engine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAA;AAElE,MAAM,MAAM,YAAY,GACpB;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,GACjB;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAA;AAErD,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,OAAO,CAAA;AAE7C,MAAM,WAAW,4BAA4B;IAC3C;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,aAAa,CAAA;CACxB;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClC,KAAK,EAAE,iBAAiB,EAAE,EAC1B,GAAG,CAAC,EAAE,cAAc,EACpB,OAAO,CAAC,EAAE,4BAA4B,GACrC,YAAY,CAuBd"}

package/dist/deterministic/engine.js

@@ -1,9 +1,24 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.runDeterministicRules = runDeterministicRules;
-function runDeterministicRules(toolName, toolInput, rules, ctx) {
+function runDeterministicRules(toolName, toolInput, rules, ctx, options) {
+    const onError = options?.onError ?? 'allow';
     for (const rule of rules) {
-        const verdict = rule.check(toolName, toolInput, ctx);
+        let verdict;
+        try {
+            verdict = rule.check(toolName, toolInput, ctx);
+        }
+        catch (e) {
+            if (onError === 'block') {
+                const reason = e instanceof Error ? e.message : String(e);
+                return {
+                    kind: 'block',
+                    reason: `Rule "${rule.id}" failed: ${reason}. Failing closed.`,
+                    ruleId: rule.id,
+                };
+            }
+            continue;
+        }
         if (verdict.kind === 'block') {
             return { kind: 'block', reason: verdict.reason, ruleId: rule.id };
         }

package/dist/hooks/processHookData.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"processHookData.d.ts","sourceRoot":"","sources":["../../src/hooks/processHookData.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAA;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAE7D,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAIzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAG1D,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAE7C,OAAO,EACL,eAAe,EAEhB,MAAM,2BAA2B,CAAA;AAMlC,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAA;AAWpD,MAAM,WAAW,aAAa;IAC5B,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;IAChC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7C;AA4BD,MAAM,WAAW,mBAAmB;IAClC,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,eAAe,CAAC,EAAE,eAAe,CAAA;IACjC,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,UAAU,EAAE,CAAA;IACzC,WAAW,CAAC,EAAE,OAAO,SAAS,CAAA;IAC9B,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,YAAY,CAAA;IACjD,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,kBAAkB,CAAC,EAAE,iBAAiB,EAAE,CAAA;IACxC,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,wEAAwE;IACxE,OAAO,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAC9C;AAaD,wBAAsB,eAAe,CACnC,KAAK,EAAE,MAAM,EACb,IAAI,CAAC,EAAE,mBAAmB,GACzB,OAAO,CAAC,gBAAgB,CAAC,CAoI3B"}
+{"version":3,"file":"processHookData.d.ts","sourceRoot":"","sources":["../../src/hooks/processHookData.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAA;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAE7D,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAKzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAG1D,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAE7C,OAAO,EACL,eAAe,EAEhB,MAAM,2BAA2B,CAAA;AAMlC,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAA;AAWpD,MAAM,WAAW,aAAa;IAC5B,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;IAChC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7C;AA4BD,MAAM,WAAW,mBAAmB;IAClC,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,eAAe,CAAC,EAAE,eAAe,CAAA;IACjC,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,UAAU,EAAE,CAAA;IACzC,WAAW,CAAC,EAAE,OAAO,SAAS,CAAA;IAC9B,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,YAAY,CAAA;IACjD,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,kBAAkB,CAAC,EAAE,iBAAiB,EAAE,CAAA;IACxC,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,wEAAwE;IACxE,OAAO,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAC9C;AAaD,wBAAsB,eAAe,CACnC,KAAK,EAAE,MAAM,EACb,IAAI,CAAC,EAAE,mBAAmB,GACzB,OAAO,CAAC,gBAAgB,CAAC,CAuI3B"}

package/dist/hooks/processHookData.js

@@ -11,6 +11,7 @@ const Config_1 = require("../config/Config");
 const ClaudeCli_1 = require("../validation/models/ClaudeCli");
 const AnthropicApi_1 = require("../validation/models/AnthropicApi");
 const CompositeModelClient_1 = require("../validation/models/CompositeModelClient");
+const AgentSdkClient_1 = require("../validation/models/AgentSdkClient");
 const engine_1 = require("../deterministic/engine");
 const defaultRules_1 = require("../deterministic/defaultRules");
 const adapter_1 = require("../adapters/claude-code/adapter");
@@ -88,7 +89,7 @@ async function processHookData(input, deps) {
     // any cooldown or AI check.
     const deterministicRules = deps?.deterministicRules ??
         (0, defaultRules_1.buildDefaultDeterministicRules)(agentGateConfig);
-    const ruleVerdict = (0, engine_1.runDeterministicRules)(toolName, toolInput, deterministicRules, sessionContext);
+    const ruleVerdict = (0, engine_1.runDeterministicRules)(toolName, toolInput, deterministicRules, sessionContext, { onError: config.onError });
     if (ruleVerdict.kind === 'block') {
         bus.emit({
             type: 'rule.fired',
@@ -138,7 +139,9 @@ async function processHookData(input, deps) {
         rulesCount: rules.length,
     });
     const aiStart = Date.now();
-    const result = await validate(rules, toolName, toolInput, modelClient);
+    const result = await validate(rules, toolName, toolInput, modelClient, {
+        onError: config.onError,
+    });
     const aiLatency = Date.now() - aiStart;
     // Update cooldown timestamp AFTER successful validation
     if (cooldownStore) {
@@ -165,11 +168,20 @@ async function processHookData(input, deps) {
     return result;
 }
 function createModelClient(config, cwd) {
-    // Build a fallback chain: the most-preferred client comes first, with
-    // ClaudeCli as a secondary path. The CompositeModelClient tries each in
-    // order; if the first fails, the next runs. The validator's outer
-    // try/catch fail-opens when every client has failed.
+    // Build a fallback chain: the most-preferred client comes first.
+    // The CompositeModelClient tries each in order; if one fails, the next
+    // runs. The validator's outer try/catch fail-opens if every client has
+    // failed.
+    //
+    // Order: AgentSdkClient (when AGENT_GATE_USE_SDK=1) -> AnthropicApi
+    // (when an API key is set) -> ClaudeCli (always available as a fallback).
+    // AgentSdkClient is preferred when enabled because it reuses the host
+    // agent's existing Claude authentication, removing the need for a
+    // separate API key.
     const clients = [];
+    if (config.useSdk) {
+        clients.push(new AgentSdkClient_1.AgentSdkClient({ config }));
+    }
     if (config.useApi) {
         clients.push(new AnthropicApi_1.AnthropicApi(config));
     }

package/dist/index.d.ts

@@ -20,6 +20,8 @@ export { cursorAdapter } from './adapters/cursor/adapter';
 export type { Adapter, ReadHistoryOptions } from './adapters/Adapter';
 export { CompositeModelClient } from './validation/models/CompositeModelClient';
 export type { CompositeModelClientOptions } from './validation/models/CompositeModelClient';
+export { AgentSdkClient } from './validation/models/AgentSdkClient';
+export type { AgentSdkClientOptions, AgentSdkQueryFn, } from './validation/models/AgentSdkClient';
 export { lintRuleSources } from './doctor/lintRuleSources';
 export { formatFindings } from './doctor/formatFindings';
 export type { Finding, FindingCode, Severity, } from './doctor/findings';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AACxC,YAAY,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AACpD,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAA;AAClE,YAAY,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAA;AAC/D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAA;AAG9D,YAAY,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,YAAY,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAA;AAC1D,YAAY,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAA;AACjE,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC9E,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AAClE,YAAY,EACV,cAAc,EACd,YAAY,GACb,MAAM,kCAAkC,CAAA;AAGzC,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAA;AAGnE,YAAY,EACV,iBAAiB,EACjB,WAAW,GACZ,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,oBAAoB,EACpB,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,2BAA2B,CAAA;AAClC,OAAO,EACL,yBAAyB,EACzB,8BAA8B,GAC/B,MAAM,8BAA8B,CAAA;AAGrC,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAA;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzD,YAAY,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AAGrE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0CAA0C,CAAA;AAC/E,YAAY,EAAE,2BAA2B,EAAE,MAAM,0CAA0C,CAAA;AAG3F,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAA;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AACxD,YAAY,EACV,OAAO,EACP,WAAW,EACX,QAAQ,GACT,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,YAAY,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAA;AAC1D,OAAO,EACL,iBAAiB,IAAI,uBAAuB,GAC7C,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,aAAa,EACb,cAAc,EACd,mBAAmB,GACpB,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAA;AACnE,YAAY,EACV,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,gBAAgB,EAChB,mBAAmB,EACnB,kBAAkB,EAClB,IAAI,GACL,MAAM,4BAA4B,CAAA;AAGnC,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAA;AACnE,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AACxC,YAAY,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AACpD,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAA;AAClE,YAAY,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAA;AAC/D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAA;AAG9D,YAAY,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,YAAY,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAA;AAC1D,YAAY,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAA;AACjE,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC9E,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AAClE,YAAY,EACV,cAAc,EACd,YAAY,GACb,MAAM,kCAAkC,CAAA;AAGzC,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAA;AAGnE,YAAY,EACV,iBAAiB,EACjB,WAAW,GACZ,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,oBAAoB,EACpB,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,2BAA2B,CAAA;AAClC,OAAO,EACL,yBAAyB,EACzB,8BAA8B,GAC/B,MAAM,8BAA8B,CAAA;AAGrC,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAA;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzD,YAAY,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AAGrE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0CAA0C,CAAA;AAC/E,YAAY,EAAE,2BAA2B,EAAE,MAAM,0CAA0C,CAAA;AAC3F,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAA;AACnE,YAAY,EACV,qBAAqB,EACrB,eAAe,GAChB,MAAM,oCAAoC,CAAA;AAG3C,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAA;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AACxD,YAAY,EACV,OAAO,EACP,WAAW,EACX,QAAQ,GACT,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,YAAY,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAA;AAC1D,OAAO,EACL,iBAAiB,IAAI,uBAAuB,GAC7C,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,aAAa,EACb,cAAc,EACd,mBAAmB,GACpB,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAA;AACnE,YAAY,EACV,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,gBAAgB,EAChB,mBAAmB,EACnB,kBAAkB,EAClB,IAAI,GACL,MAAM,4BAA4B,CAAA;AAGnC,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAA;AACnE,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA"}

package/dist/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.processHookData = exports.validator = exports.collectRuleSources = exports.JsonlFileSink = exports.EventBus = exports.defaultDaemonSocketPath = exports.sendToDaemon = exports.DaemonServer = exports.formatFindings = exports.lintRuleSources = exports.CompositeModelClient = exports.cursorAdapter = exports.claudeCodeAdapter = exports.buildDefaultDeterministicRules = exports.defaultDeterministicRules = exports.forbidFilePathPattern = exports.forbidContentPattern = exports.forbidCommandPattern = exports.HookDataSchema = exports.loadPluginConfig = exports.loadAgentGateConfig = exports.defineConfig = exports.Config = void 0;
+exports.processHookData = exports.validator = exports.collectRuleSources = exports.JsonlFileSink = exports.EventBus = exports.defaultDaemonSocketPath = exports.sendToDaemon = exports.DaemonServer = exports.formatFindings = exports.lintRuleSources = exports.AgentSdkClient = exports.CompositeModelClient = exports.cursorAdapter = exports.claudeCodeAdapter = exports.buildDefaultDeterministicRules = exports.defaultDeterministicRules = exports.forbidFilePathPattern = exports.forbidContentPattern = exports.forbidCommandPattern = exports.HookDataSchema = exports.loadPluginConfig = exports.loadAgentGateConfig = exports.defineConfig = exports.Config = void 0;
 // Config
 var Config_1 = require("./config/Config");
 Object.defineProperty(exports, "Config", { enumerable: true, get: function () { return Config_1.Config; } });
@@ -28,6 +28,8 @@ Object.defineProperty(exports, "cursorAdapter", { enumerable: true, get: functio
 // Model clients (for users wiring up custom AI fallback chains)
 var CompositeModelClient_1 = require("./validation/models/CompositeModelClient");
 Object.defineProperty(exports, "CompositeModelClient", { enumerable: true, get: function () { return CompositeModelClient_1.CompositeModelClient; } });
+var AgentSdkClient_1 = require("./validation/models/AgentSdkClient");
+Object.defineProperty(exports, "AgentSdkClient", { enumerable: true, get: function () { return AgentSdkClient_1.AgentSdkClient; } });
 // Doctor (CLAUDE.md linter)
 var lintRuleSources_1 = require("./doctor/lintRuleSources");
 Object.defineProperty(exports, "lintRuleSources", { enumerable: true, get: function () { return lintRuleSources_1.lintRuleSources; } });

package/dist/validation/models/AgentSdkClient.d.ts

@@ -0,0 +1,40 @@
+import { IModelClient } from '../../contracts/types/ModelClient';
+import { Config } from '../../config/Config';
+/**
+ * Shape of the `query` export from `@anthropic-ai/claude-agent-sdk`,
+ * as documented by Anthropic. The SDK returns an AsyncIterable of
+ * streamed messages and accepts a small set of options.
+ */
+export type AgentSdkQueryFn = (args: {
+    prompt: string;
+    options?: {
+        model?: string;
+        allowedTools?: string[];
+        permissionMode?: 'default' | 'bypassPermissions' | 'dontAsk';
+        maxTurns?: number;
+    };
+}) => AsyncIterable<unknown>;
+export interface AgentSdkClientOptions {
+    config: Config;
+    /**
+     * Override the SDK loader. Production builds default to a dynamic
+     * import of `@anthropic-ai/claude-agent-sdk`; tests inject a fake.
+     */
+    loadQuery?: () => Promise<AgentSdkQueryFn>;
+}
+/**
+ * IModelClient that runs validation through Anthropic's agent SDK
+ * (`@anthropic-ai/claude-agent-sdk`). Reuses the host process's
+ * existing Claude authentication so no separate API key is required.
+ *
+ * Tradeoff: the SDK has noticeable cold-start cost on each call.
+ * Recommended paired with `agent-gate daemon` so the SDK initialization
+ * is amortized across hook invocations.
+ */
+export declare class AgentSdkClient implements IModelClient {
+    private readonly config;
+    private readonly loadQuery;
+    constructor(opts: AgentSdkClientOptions);
+    ask(prompt: string): Promise<string>;
+}
+//# sourceMappingURL=AgentSdkClient.d.ts.map

package/dist/validation/models/AgentSdkClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AgentSdkClient.d.ts","sourceRoot":"","sources":["../../../src/validation/models/AgentSdkClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,mCAAmC,CAAA;AAChE,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C;;;;GAIG;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,IAAI,EAAE;IACnC,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,CAAC,EAAE;QACR,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;QACvB,cAAc,CAAC,EAAE,SAAS,GAAG,mBAAmB,GAAG,SAAS,CAAA;QAC5D,QAAQ,CAAC,EAAE,MAAM,CAAA;KAClB,CAAA;CACF,KAAK,aAAa,CAAC,OAAO,CAAC,CAAA;AAE5B,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAA;IACd;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,eAAe,CAAC,CAAA;CAC3C;AAED;;;;;;;;GAQG;AACH,qBAAa,cAAe,YAAW,YAAY;IACjD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAQ;IAC/B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAgC;gBAE9C,IAAI,EAAE,qBAAqB;IAKjC,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAgC3C"}

package/dist/validation/models/AgentSdkClient.js

@@ -0,0 +1,92 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AgentSdkClient = void 0;
+const system_prompt_1 = require("../prompts/system-prompt");
+/**
+ * IModelClient that runs validation through Anthropic's agent SDK
+ * (`@anthropic-ai/claude-agent-sdk`). Reuses the host process's
+ * existing Claude authentication so no separate API key is required.
+ *
+ * Tradeoff: the SDK has noticeable cold-start cost on each call.
+ * Recommended paired with `agent-gate daemon` so the SDK initialization
+ * is amortized across hook invocations.
+ */
+class AgentSdkClient {
+    config;
+    loadQuery;
+    constructor(opts) {
+        this.config = opts.config;
+        this.loadQuery = opts.loadQuery ?? defaultLoadQuery;
+    }
+    async ask(prompt) {
+        let query;
+        try {
+            query = await this.loadQuery();
+        }
+        catch (e) {
+            const msg = e instanceof Error ? e.message : String(e);
+            throw new Error(`Agent SDK loader failed; install @anthropic-ai/claude-agent-sdk or fall back to another client. Underlying: ${msg}`);
+        }
+        const fullPrompt = `${(0, system_prompt_1.getSystemPrompt)(this.config.reasonLang)}\n\n${prompt}`;
+        let lastText = '';
+        for await (const message of query({
+            prompt: fullPrompt,
+            options: {
+                model: this.config.model,
+                allowedTools: [],
+                permissionMode: 'bypassPermissions',
+                maxTurns: 1,
+            },
+        })) {
+            const t = extractText(message);
+            if (t)
+                lastText = t;
+        }
+        if (!lastText) {
+            throw new Error('No response from agent SDK stream');
+        }
+        return lastText;
+    }
+}
+exports.AgentSdkClient = AgentSdkClient;
+async function defaultLoadQuery() {
+    const mod = (await import('@anthropic-ai/claude-agent-sdk'));
+    if (typeof mod.query !== 'function') {
+        throw new Error('@anthropic-ai/claude-agent-sdk did not export query()');
+    }
+    return mod.query;
+}
+/**
+ * Pulls assistant text out of one streamed message. The SDK emits a
+ * mix of system / assistant / result envelopes; we cover the common
+ * shapes and ignore the rest.
+ */
+function extractText(message) {
+    if (typeof message !== 'object' || message === null)
+        return null;
+    const m = message;
+    if (typeof m.result === 'string' && m.result.length > 0)
+        return m.result;
+    const inner = m.message;
+    if (typeof inner === 'object' && inner !== null) {
+        const content = inner.content;
+        if (Array.isArray(content)) {
+            const text = content
+                .map((c) => {
+                if (typeof c === 'object' && c !== null) {
+                    const block = c;
+                    if (typeof block.text === 'string')
+                        return block.text;
+                }
+                return null;
+            })
+                .filter((s) => Boolean(s))
+                .join('\n');
+            if (text.length > 0)
+                return text;
+        }
+    }
+    if (typeof m.text === 'string' && m.text.length > 0)
+        return m.text;
+    return null;
+}

package/dist/validation/validator.d.ts

@@ -1,5 +1,9 @@
 import { ValidationResult } from '../contracts/types/ValidationResult';
 import { RuleSource } from '../contracts/types/RuleSource';
 import { IModelClient } from '../contracts/types/ModelClient';
-export declare function validator(rules: RuleSource[], toolName: string, toolInput: Record<string, unknown>, modelClient: IModelClient): Promise<ValidationResult>;
+export interface ValidatorOptions {
+    /** Fail-closed behavior on model client failures. Default: "allow". */
+    onError?: 'allow' | 'block';
+}
+export declare function validator(rules: RuleSource[], toolName: string, toolInput: Record<string, unknown>, modelClient: IModelClient, options?: ValidatorOptions): Promise<ValidationResult>;
 //# sourceMappingURL=validator.d.ts.map

package/dist/validation/validator.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../../src/validation/validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAA;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAQ7D,wBAAsB,SAAS,CAC7B,KAAK,EAAE,UAAU,EAAE,EACnB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClC,WAAW,EAAE,YAAY,GACxB,OAAO,CAAC,gBAAgB,CAAC,CAa3B"}
+{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../../src/validation/validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAA;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAQ7D,MAAM,WAAW,gBAAgB;IAC/B,uEAAuE;IACvE,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAA;CAC5B;AAED,wBAAsB,SAAS,CAC7B,KAAK,EAAE,UAAU,EAAE,EACnB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClC,WAAW,EAAE,YAAY,EACzB,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,gBAAgB,CAAC,CAmB3B"}

package/dist/validation/validator.js

@@ -2,7 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.validator = validator;
 const context_1 = require("./prompts/context");
-async function validator(rules, toolName, toolInput, modelClient) {
+async function validator(rules, toolName, toolInput, modelClient, options) {
     try {
         const prompt = (0, context_1.buildPrompt)(rules, toolName, toolInput);
         const response = await modelClient.ask(prompt);
@@ -10,6 +10,12 @@ async function validator(rules, toolName, toolInput, modelClient) {
     }
     catch (error) {
         const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+        if (options?.onError === 'block') {
+            return {
+                decision: 'block',
+                reason: `Validation failed (failing closed): ${errorMessage}`,
+            };
+        }
         return {
             decision: undefined,
             reason: `Validation error (allowing operation): ${errorMessage}`,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hiro-c/agent-gate",
-  "version": "1.0.2",
+  "version": "1.2.0",
   "description": "Runtime rule enforcer for AI coding agents. Reads CLAUDE.md / AGENTS.md / .cursorrules and enforces them via Claude Code and Cursor hooks, with a deterministic safety baseline.",
   "author": "Hiro-Chiba",
   "license": "MIT",
@@ -55,7 +55,7 @@
     "prepublishOnly": "npm run checks && npm run build"
   },
   "dependencies": {
-    "@anthropic-ai/sdk": "^0.90.0",
+    "@anthropic-ai/sdk": "^0.93.0",
     "jiti": "^2.7.0",
     "zod": "^4.3.6"
   },
@@ -63,5 +63,8 @@
     "@types/node": "^25.6.0",
     "typescript": "^6.0.3",
     "vitest": "^4.1.4"
+  },
+  "optionalDependencies": {
+    "@anthropic-ai/claude-agent-sdk": "^0.3.0"
   }
 }